

Non- Secure Monitor 80 NS 7 78 Fig. 2 Mode NSMale 1 S Mole! NsMode 2 SMode 2

. ::













F.3. 9



Fig. 10







Fig. 13A



Fig. 12



Fig. 13B

|   | Exception Visit 18 | # - s- Vector offsels | Corresponding mode          |
|---|--------------------|-----------------------|-----------------------------|
|   | Reset              | 0x00                  | Supervisor mode             |
|   | Linder             | 0x04                  | Monitor mode / Unlib make   |
| : | SWI                | 0x08                  | Supervisor mode Monter make |
| • | Prefetch abort     | 0x0C                  | Abort mode M . for mode     |
|   | Data abort         | 0x10                  | Abort mode / Mon: for made  |
|   | IRQ/SIRQ           | 0x18                  | IRQ mode Monitor made       |
|   | FIQ                | 0x1C                  | FIQ mode Monitor mode       |
| 1 | SMI                | OX 20                 | Mudet maje / Duta maje      |

F13.14

Monitor

Hasel VMO
Wholes VMI
SWI VM2
Probatch about VM3
Data about VM4
IRR/SIRR VMS
FIR VM6
SMI VM7

Non-Secure

| Reset          | VSØ         |
|----------------|-------------|
| thous          | VSI         |
| SWI            | VS2.        |
| ProJetch abort | <b>V</b> S3 |
| Data abort     | <b>VS4</b>  |
| IRQ/SIRQ       | 5           |
| FIQ            | V56         |
| SMI            | VS7         |

| Reiset          | VNSO    |
|-----------------|---------|
| Topoly          | VNSI    |
| SWI             | VNS2    |
| Protetely about | NN23    |
| Data about      | VNS4    |
| IRQ/SIRQ        | VNSS    |
| FIQ             | ** VNS6 |
| SMI             | VNS7    |

Fig. 15.

CP15 Monitor Trap Mask Register

world exception

| 0   | 1   | , \               | . \           | . 1 | 0    | 1   |
|-----|-----|-------------------|---------------|-----|------|-----|
| SMI | SWI | Protetch<br>Abort | Oata<br>Abort | IRQ | PING | FIQ |

\*

1= Mon(S)

O = NS

OR via hardware/external









FIGURE 21

| User | System | Supervisor | Abort   | Undefined | Interrupt | Fast Interrupt |
|------|--------|------------|---------|-----------|-----------|----------------|
| R0   | R0     | R0         | R0      | R0        | R0        | R0             |
| R1   | R1     | R1         | R1      | R1        | R1        | R1             |
| R2   | R2     | R2         | R2      | R2        | R2        | R2             |
| R3   | . R3   | R3         | R3      | R3        | R3        | R3             |
| R4   | R4     | R4         | R4      | R4        | R4        | R4             |
| R5   | R5     | R5         | R5      | R5        | R5        | R5             |
| R6   | R6     | R6         | R6      | R6        | R6        | R6             |
| R7   | R7     | R7         | R7      | R7        | R7        | R7             |
| R8   | R8     | R8         | R8      | R8        | R8        | R8_fiq         |
| R9   | R9     | R9         | R9      | R9        | R9        | R9_fiq         |
| R10  | R10    | R10        | R10     | R10       | R10       | R10_fiq        |
| R11  | R11    | R11        | R11     | R11       | R11       | R11_fiq        |
| R12  | R12    | R12        | R12     | R12       | R12       | R12_fiq        |
| R13  | R13    | R13_BYC    | R43_abl | R13_und   | R13_irq   | R13_fiq        |
| R14  | R14    | 14_sve     | RM_sbt/ | R14_und   | R14_irq   | R14_fiq        |
| PC   | PC     | PC         | PC      | PC        | PC        | PC             |

| Monitor |   |
|---------|---|
|         | _ |
| R0      |   |
| R1      |   |
| R2      |   |
| R3      |   |
| R4      |   |
| R5      |   |
| R6      |   |
| R7      |   |
| R8      |   |
| R9      |   |
| R10     |   |
| R11     |   |
| R12     |   |
| R13_mon | 1 |
| R14_mon | 1 |
| PC      | Ì |
|         |   |

| CPSR | CPSR | CPSR     | CPSR     | CPSR     | CPSR     | CPSR     |
|------|------|----------|----------|----------|----------|----------|
|      |      | SPSR_svc | SPSR_abt | SPSR_und | SPSR_irq | SPSR_fiq |

CPSR SPSR\_mon

FIGURE 22



FIGURE 23

Fraditional Secure

ARM + processing

non/secure

ARM

5=1

1-13. 24





fig. 26









Fig. 30



Fig. 31

26/64 Secure Monitor Non-Secure Int 2 hardler NSB

Lig. 32

Monitor Non-secure hardler Close Stub Int1 handler

Fig 33



F16.35



F16.36



FIG. 37



FIG. 38





F16.40



F16-41



F16. 42





FIG. 44



FIG. 45



F16.46





Fig. 48





PUYSICAL BOOKESS SPACE

F16. 49



FIG SOA



F16 50B



FIG 51



FIG 52







FIG 55



FIG 56



FIG 57



Done by cache

FIG 58

| Method of entry                 | How to program?                                                                                                                          | How to enter?                                                                                                                                    | Entry mode   |
|---------------------------------|------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------|--------------|
| Breakpoint hits                 | Debug TAP or software (CP14)                                                                                                             | Program breakpoint register and/or context-ID register and comparisons succeed with Instruction Address and/or CP15 Context ID (²).              | Halt/monitor |
| Software breakpoint instruction | Put a BKPT instruction into scan chain 4 (Instruction Transfer Register) through Debug TAP or Use BKPT instruction directly in the code. | BKPT instruction must reach execution stage.                                                                                                     | Halt/monitor |
| Vector trap breakpoint          | Debug TAP                                                                                                                                | Program vector trap register and address matches.                                                                                                | Halt/monitor |
| Watchpoint hits                 | Debug TAP<br>or software (CP14)                                                                                                          | Program watchpoint register and/or context-ID register and comparisons succeed with Instruction Address and/or CP15 Context ID ( <sup>2</sup> ). | Halt/monitor |
| Internal debug request          | Debug TAP                                                                                                                                | Halt instruction has been scanned in.                                                                                                            | Halt         |
| External debug request          | 以上共供 Not applicable 和 。                                                                                                                  | EDBGRQ input pin is asserted.                                                                                                                    | Halt         |

<sup>(1):</sup> In monitor mode, breakpoints and watchpoints cannot be data-dependent.

Figure 60

 $<sup>(^2)</sup>$ : The cores have support for thread-aware breakpoints and watchpoints in order to able to enable so cure debug on some particular threads.

| Name                                 | Meaning                                                                                            | Reset<br>value | Access                                                                                                                                                                                                                                                 | Inserted in scan chain |
|--------------------------------------|----------------------------------------------------------------------------------------------------|----------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|
| Monitor<br>mode enable<br>bit        | 0: halt mode<br>1: monitor mode                                                                    | 1              | R/W by programming the ICE by the JTAG (scan1)  R/W by using MRC/MCR instruction (CP14)                                                                                                                                                                | for test<br>yes        |
| Secure debug<br>enable bit           | 0: debug in non-<br>secure world only.<br>1: debug in secure<br>world and non-<br>secure world     | 0              | In functional mode or debug monitor mode: R/W by using MRC/MCR instruction (CP14) (only in secure supervisor mode)  In Debug halt mode: No access – MCR/MRC instructions have any effect.  (R/W by programming the ICE by the JTAG (scan1) if JSDAEN=1 | no                     |
| Secure trace enable bit              | 0: ETM is enabled in non-secure world only. 1: ETM is enabled in secure world and non-secure world | 0              | In functional mode or debug monitor mode: R/W by using MRC/MCR instruction (CP14) (only in secure supervisor mode)  In Debug halt mode: No access – MCR/MRC instructions have any effect.  (R/W by programming the ICE by the JTAG (scan1) if JSDAEN=1 | no                     |
| Secure user-<br>mode enable<br>bit   | 0: debug is not possible in secure user mode 1: debug is possible in secure user mode              |                | In functional mode or debug monitor mode: R/W by using MRC/MCR instruction (CP14) (only in secure supervisor mode)  In Debug halt mode: No access – MCR/MRC instructions have any effect.  (R/W by programming the ICE by the JTAG (scan1) if JSDAEN=1 | no                     |
| Secure<br>thread-aware<br>enable bit | 0: debug is not possible for a particular thread 1: debug is possible for a particular thread      | 0              | In functional mode or debug monitor mode: R/W by using MRC/MCR instruction (CP14) (only in secure supervisor mode)  In Debug halt mode: No access – MCR/MRC instructions have any effect.  (R/W by programming the ICE by the JTAG (scan1) if JSDAEN=1 | no                     |

Figure 6/

#### **Function Table**

| D | CK | Q[n+1] |
|---|----|--------|
| 0 |    | 0      |
| 1 |    | 1      |
| X | /  | Q[n]   |

#### Logic Symbol



### FIGURE 62

#### **Function Table**

| D <sub>.</sub> | SI | SE | CK | Q[n+1] |
|----------------|----|----|----|--------|
| О              | x  | 0  |    | 0      |
| 1              | X  | 0  |    | 1      |
| X              | х  | X  |    | Q[n]   |
| X              | 0  | 1  |    | 0      |
| X              | 1  | 1  |    | 1      |

#### Logic Symbol



figure 63



FIGURE 64



Figure 65.



FIGURE 66 A

Scan Out



FIGURE 66 B



Figure 67

| CP14 bits           | in Debug and Status Co | ontrol register                       |                                                                                                                                                                                                                                                      |
|---------------------|------------------------|---------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Secure debug enable | Secure user-mode       | Secure thread-aware                   | meaning                                                                                                                                                                                                                                              |
| bit                 | debug enable bit       | debug enable bit                      |                                                                                                                                                                                                                                                      |
| 0                   | Х                      | X                                     | No intrusive debug in entire secure world is possible. Any debug request, breakpoints, watchpoints, and other mechanism to enter debug state are ignored in entire secure world.                                                                     |
| 1                   | 0                      | X                                     | Debug in entire secure world is possible                                                                                                                                                                                                             |
| 1                   | 1                      | 0                                     | Debug in secure user-mode only. Any debug request, breakpoints, watchpoints, and other mechanism to enter debug state are taken into account in user mode only. (Breakpoints and watchpoints linked or not to a thread                               |
|                     |                        | · · · · · · · · · · · · · · · · · · · | ID are taken into account). Access in debug is restricted to what secure user can have access to.                                                                                                                                                    |
| 1                   | 1                      | 1                                     | Debug is possible only in some particular threads. In that case only thread-aware breakpoints and watchpoints linked to a thread ID are taken into account to enter debug state. Each thread can moreover debug its own code, and only its own code. |

## Figure 69A

| CP14 bits in Debug and Status Control register |                                   | ontrol register                      |                                                                                                                                                                                                                                                        |  |
|------------------------------------------------|-----------------------------------|--------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--|
| Secure trace enable bit                        | Secure user-mode debug enable bit | Secure thread-aware debug enable bit | meaning                                                                                                                                                                                                                                                |  |
| 0                                              | Х                                 | X                                    | No observable debug in entire secure world is possible. Trace module (ETM) must not trace internal core activity.                                                                                                                                      |  |
| 1                                              | 0                                 | X                                    | Trace in entire secure world is possible                                                                                                                                                                                                               |  |
| 1                                              |                                   | Ö                                    | Trace is possible when the core is in secure user-mode only.                                                                                                                                                                                           |  |
| 1                                              |                                   | 1                                    | Trace is possible only when the core is executing some particular threads in secure user mode. Particular hardware must be dedicated for this, or re-use breakpoint register pair: Context ID match must enable trace instead of entering debug state. |  |

Figure 69B

| Program | Debuy                 |
|---------|-----------------------|
| Α       | 1 ラシー                 |
| ß       |                       |
| Α       | 1→<br>1→<br>1→<br>1-→ |
| В       |                       |
|         |                       |

Figure 70

| Method of entry                 | Entry when in non-secure world    | entry when in secure world                                                         |
|---------------------------------|-----------------------------------|------------------------------------------------------------------------------------|
| Breakpoint hits                 | Non-secure prefetch abort handler | secure prefetch abort handler                                                      |
| Software breakpoint instruction | Non-secure prefetch abort handler |                                                                                    |
| Vector trap breakpoint          | exceptions, prefetch abort.       | secure prefetch abort exceptions (1). For other exceptions, secure prefetch abort. |
| Watchpoint hits                 |                                   | secure data abort handler                                                          |
| Internal debug request          |                                   | debug state in halt mode                                                           |
| External debug request          | Debug state in halt mode          | debug state in halt mode                                                           |

- (1) see information on vector trap register, :
- (2) Note that when external or internal debug request is asserted, the core enters halt mode and not monitor mode.

### Figure 71A

| Method of entry                         | Entry in non-secure world                                                                                                          | entry in secure world   |
|-----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------|-------------------------|
| Breakpoint hits                         | Non-secure prefetch abort handler                                                                                                  | breakpoint/ignored      |
| Software breakpoint instruction         | Non-secure prefetch abort handler                                                                                                  | instruction ignored (v) |
| Vector trap breakpoint                  | Disabled for non-secure data abort and non-secure prefetch abort interruptions. For others interruption non-secure prefetch abort. | breakpoint/ignored      |
| Watchpoint hits                         | Non-secure data abort handler                                                                                                      | watchpoint ignored      |
| Internal debug request                  | Debug state in halt mode                                                                                                           | request ignored :       |
| External debug request                  | Debug state in halt mode                                                                                                           | request ignored 🐪 🐪 🕌   |
| Debug re-entry from system speed access | not applicable                                                                                                                     | not applicable          |

(1) As substitution of BKPT instruction in secure world from non-secure world is not possible, non-secure abort must handle the violation.

Figure 718